jasig-cas IRC Logs-2011-07-26

Owned by Apereo Infrastructure
Last updated: Jul 26, 2011Version comment
10 min read

[08:48:14 CDT(-0500)] <fairwinds> serac: hi, gmorning
[08:48:23 CDT(-0500)] <serac> howdy
[08:48:26 CDT(-0500)] <fairwinds> curious what version of maven you use
[08:48:31 CDT(-0500)] <serac> 2.2.1
[08:48:43 CDT(-0500)] <serac> I have no reason to upgrade yet.
[08:48:46 CDT(-0500)] <fairwinds> me too. I was using 3.x
[08:49:14 CDT(-0500)] <fairwinds> but went to 2.2.1 since it seemed to be the norn
[08:49:19 CDT(-0500)] <serac> I honestly haven't studied the relevant differences between the two.
[08:49:19 CDT(-0500)] <fairwinds> norm even
[08:49:47 CDT(-0500)] <wgthom> been using 3.0.3 with cas with no problems.
[08:49:51 CDT(-0500)] <serac> I believe 2.2.x is the "official" version Scott uses to build, but you could probably make 3.x work with small effort.
[08:50:22 CDT(-0500)] <fairwinds> k, I am sort of a Java dummy so I thought I should not introduce anything special into the mix
[08:50:36 CDT(-0500)] <fairwinds> wgthom: k, cool - good to know
[08:52:53 CDT(-0500)] <fairwinds> serac: have ben making a ticket registry in couchdb as well
[08:53:01 CDT(-0500)] <fairwinds> s/ ben been
[08:53:12 CDT(-0500)] <serac> Right, recall you mentioned that.
[08:54:17 CDT(-0500)] <fairwinds> serac: I have to confess I know little about the way the tickets work. I might implement the memcached registry and stick a bunch of log statements so I understand what it is doing
[08:54:45 CDT(-0500)] <serac> Have you reviewed http://www.jasig.org/cas/protocol for background?
[08:55:29 CDT(-0500)] <fairwinds> yeah, I read that, but I am mostly concerned about how to practically implement that with the abstract classes
[08:55:55 CDT(-0500)] <serac> Good – knowing the concepts is good background for rubber-meets-road impl.
[08:56:32 CDT(-0500)] <serac> Studying the MemcachedTicketRegistry source would be good starting point, and possibly adding debugging statements as you mentioned.
[08:56:53 CDT(-0500)] <fairwinds> serac: the memcached thing is close to what i need to do. Couch is really just a key value store in the end but a bit more
[09:00:47 CDT(-0500)] <fairwinds> serac: that is what I am going to do. I have not yet seen what a ticket looks like (smile)
[09:01:05 CDT(-0500)] <serac> They should be all over the logs at DEBUG.
[09:01:21 CDT(-0500)] <serac> The ticket ID anyway, which would be the key.
[09:01:46 CDT(-0500)] <fairwinds> right
[09:01:51 CDT(-0500)] <serac> You'll be storing as the value a byte array that is the serialized object graph of the TicketGrantingTicketImpl object (or ServiceTicketImpl, depending).
[09:02:18 CDT(-0500)] <serac> Should be able to follow memcached impl for serialization scaffolding.
[09:02:38 CDT(-0500)] <fairwinds> yup, I have read the souce closely yesterday
[09:03:06 CDT(-0500)] <serac> Pickle is to Python as serialization is to Java.
[09:03:14 CDT(-0500)] <serac> So should be pretty natural.
[09:03:19 CDT(-0500)] <fairwinds> serac: ah, I know pickles well
[09:03:36 CDT(-0500)] <fairwinds> zope was all pickles
[09:03:45 CDT(-0500)] <fairwinds> in a stack
[09:03:56 CDT(-0500)] <serac> Sounds tasty (wink)
[09:04:01 CDT(-0500)] <fairwinds> that's what zodb is really
[09:04:02 CDT(-0500)] <fairwinds> heh
[09:05:00 CDT(-0500)] <fairwinds> just keep adding them to top and get rid of deleted objects for compaction
[09:06:53 CDT(-0500)] <fairwinds> serac: I worked on a different backend to zodb one time where pickles were stored in sql. Was much faster than original zodb
[09:07:28 CDT(-0500)] <fairwinds> serac: well enough talk of pickles already, I best get to work
[09:07:29 CDT(-0500)] <serac> What is original backend?
[09:09:20 CDT(-0500)] <fairwinds> serac: it normally just creates a stack of these in a file called fileStorage
[09:09:36 CDT(-0500)] <fairwinds> so your db is blah.fs
[09:09:39 CDT(-0500)] <serac> Figured it was just file-backed.
[09:10:16 CDT(-0500)] <fairwinds> serac: there are different backends that can be done but most have died a slow death
[09:10:54 CDT(-0500)] <fairwinds> zope is mostly dead but there are still folks using the zodb
[09:10:58 CDT(-0500)] <serac> Evolution at work I guess.
[09:11:02 CDT(-0500)] <fairwinds> yup
[09:12:54 CDT(-0500)] <fairwinds> serac: repoze bfg and latest evolved python pyramid are zope inspired but very good I don't really want to program in python any longer. Have gone almost completely to js on server
[09:13:45 CDT(-0500)] <serac> Wow. JS on server. Never thought I hear that one.
[09:14:00 CDT(-0500)] <fairwinds> heh, yeah it is all I do now mostly
[09:14:24 CDT(-0500)] <fairwinds> and it is very good
[09:14:54 CDT(-0500)] <serac> I honestly have no frame of reference for how that works.
[09:15:15 CDT(-0500)] <serac> Or what the motivation would be other than enjoyment.
[09:15:21 CDT(-0500)] <fairwinds> uses same engine called V8 in google chrome
[09:15:28 CDT(-0500)] <serac> I know V8.
[09:15:34 CDT(-0500)] <fairwinds> k, cool
[09:15:55 CDT(-0500)] <fairwinds> nodejs is neworking framework build on v8
[09:16:04 CDT(-0500)] <serac> I've heard of it, but not used.
[09:16:53 CDT(-0500)] <fairwinds> serac: sure. In any case you can make whatever you want in it. I program everything asynchronously for most part
[09:17:06 CDT(-0500)] <fairwinds> so it is highly parallel that way
[09:18:48 CDT(-0500)] <fairwinds> serac: one nice benefit is use of models and templates - same on both sides (client and server)
[09:19:04 CDT(-0500)] <fairwinds> serac: I use jquery templates on both sides for example
[09:19:36 CDT(-0500)] <serac> How does the js engine hook into the http server?
[09:21:57 CDT(-0500)] <fairwinds> serac: nodejs is it the piece that works with v8 and exposes framework for networking so clients and servers can be easily built. I guess in similar way to python twisted. I worked with twisted for some time in past as well
[09:22:38 CDT(-0500)] <fairwinds> serac: you can create a basic web server in very few lines of code
[09:23:05 CDT(-0500)] <serac> Do we really want to recreate Web servers at this point?
[09:23:37 CDT(-0500)] <fairwinds> http.createServer(function (req, res) {
[09:23:37 CDT(-0500)]

<fairwinds> res.writeHead(200,

Unknown macro: {'Content-Type'}

);


[09:23:38 CDT(-0500)] <fairwinds> res.end('Hello World\n');
[09:23:38 CDT(-0500)] <fairwinds> }).listen(1337, "127.0.0.1");
[09:23:47 CDT(-0500)] <fairwinds> that it in one line
[09:23:57 CDT(-0500)] <fairwinds> well, you need one import
[09:24:20 CDT(-0500)] <serac> There's far more to HTTP than reading from sockets in practice.
[09:24:39 CDT(-0500)] <fairwinds> yup. I realize.
[09:24:43 CDT(-0500)] <serac> Internet standards like TLS are hard to get right, and existing products have had a lot of engineering over years to make it work well.
[09:25:34 CDT(-0500)] <serac> I can imagine there are use cases for "build your own," but I'm old enough to appreciate the existing products didn't arrive overnight.
[09:25:48 CDT(-0500)] <serac> And have a lot of engineering that would be difficult to duplicate.
[09:26:16 CDT(-0500)] <fairwinds> serac: sure. the key thing with this is that is asyc as opposed to synchronous which has some significant benefits
[09:26:42 CDT(-0500)] <fairwinds> most code written today is synchronous and blocking
[09:26:46 CDT(-0500)] <serac> But surely not enough to simply toss out 20 years of product development of existing Web servers.
[09:27:02 CDT(-0500)] <serac> You could totally do async on top of Apache.
[09:27:30 CDT(-0500)] <fairwinds> serac: for me, yes, exactly what I did
[09:28:17 CDT(-0500)] <fairwinds> serac: well apache itself is not asynchronous and depends heavily on threading and that also consumes significant resources
[09:28:51 CDT(-0500)] <serac> Maybe I'm not getting the use of async here.
[09:31:12 CDT(-0500)] <serac> I should probably shut up and go over to the nodejs resources and read up.
[09:35:12 CDT(-0500)] <fairwinds> serac: There as some good presentations out there about nodejs and benchmarks to give you an ideas of how capable it is against some software that is well understood
[09:35:43 CDT(-0500)] <fairwinds> nodejs isn't specifically a web server it is just a networking framework
[09:35:55 CDT(-0500)] <serac> I'll take a look. It's clear I'm out of touch with that development methodology.
[12:18:56 CDT(-0500)] <fairwinds> serac, apetro: hi. I am having some trouble getting logging to appear from my custom code. Have included org.slf4j Logger and LoggerFactory and using Logger log = LoggerFactory.getLogger(getClass()); to instantiate it. I have statements like log.info("HostAddress:"+ hostAddress); in my code.
[12:19:12 CDT(-0500)] <fairwinds> Am not sure if there is some other incantation to get this into the cas.log
[12:19:32 CDT(-0500)] <serac> Do you have the slf4j-log4j bridge jar in your war deployable?
[12:19:49 CDT(-0500)] <serac> Check WEB-INF/lib.
[12:19:53 CDT(-0500)] <fairwinds> k
[12:21:45 CDT(-0500)] <fairwinds> yup. I get logging for things that are logged by CAS itself but not my custom code
[12:22:17 CDT(-0500)] <fairwinds> serac: so I looked at what logging I have set in my pom
[12:22:35 CDT(-0500)] <serac> If you have that jar, should be good.
[12:22:41 CDT(-0500)] <serac> May be a log config problem.
[12:22:55 CDT(-0500)] <serac> Did you add a category for com.autowhatever=INFO to your log4j.xml?
[12:23:18 CDT(-0500)] <fairwinds> hmm . no where do I find that xml
[12:23:39 CDT(-0500)] <serac> You need to define one for your overlay in WEB-INF/classes/log4j.xml.
[12:23:49 CDT(-0500)] <serac> There's a default one at that location as a template.
[12:24:06 CDT(-0500)] <fairwinds> ah, awesome. that is the foo I need (smile)
[12:24:07 CDT(-0500)] <serac> See also https://wiki.jasig.org/display/CASUM/Logging.
[12:24:26 CDT(-0500)] <fairwinds> great
[12:25:27 CDT(-0500)] <fairwinds> serac: great that should do it.
[12:25:54 CDT(-0500)] <fairwinds> thanks
[12:25:57 CDT(-0500)] <serac> np
[12:37:02 CDT(-0500)] <fairwinds> serac: beautiful that did it
[12:37:17 CDT(-0500)] <serac> It's nice when things are simple (smile)
[12:37:53 CDT(-0500)] <fairwinds> yeah. Now to debugging ticket registry (smile)
[12:41:48 CDT(-0500)] <fairwinds> serac: btw. I have included dependencies on org.slf4j and log4j (since it should be included if using org.slf4j). I added since my modules import these. But they built without requiring these prior to my including.
[12:42:09 CDT(-0500)] <fairwinds> Not quite sure how they built without them
[12:42:42 CDT(-0500)] <serac> They were likely included transitively.
[12:42:46 CDT(-0500)] <fairwinds> but my project built nonetheless
[12:43:03 CDT(-0500)] <fairwinds> serac: in such a case what is best practice
[12:43:05 CDT(-0500)] <serac> e.g. your project depends on cas, cas depends on them, thus you depend on them transitively
[12:43:25 CDT(-0500)] <fairwinds> should I take them out then
[12:43:27 CDT(-0500)] <serac> I like to only define dependencies that my code explicitly needs via imports or runtime deps.
[12:43:56 CDT(-0500)] <fairwinds> k, I will remove then since they do get them transitively
[12:44:06 CDT(-0500)] <serac> I like to declare as little as possible, so in that light yes, remove them.
[12:44:13 CDT(-0500)] <fairwinds> k, thanks
[12:44:24 CDT(-0500)] <fairwinds> I am learning more about java all the time (smile)
[12:46:16 CDT(-0500)] <fairwinds> serac: javax.validation was same way
[12:46:24 CDT(-0500)] <fairwinds> so will take that out also
[12:46:36 CDT(-0500)] <serac> Yup, unless you have an import for it, remove it.
[12:47:14 CDT(-0500)] <fairwinds> serac: I have an import but it is getting within CAS in some way
[12:54:34 CDT(-0500)] <serac> If you import it, declare a dependency.
[12:54:52 CDT(-0500)] <serac> It's nice to have the pom document your direct deps.
[12:55:17 CDT(-0500)] <serac> You can always do mvn dependency:tree to see the transitive deps.
[12:57:52 CDT(-0500)] <fairwinds> serac: I was importing org.slf4j Logger and LoggerFactory also
[12:58:23 CDT(-0500)] <serac> Then you should just declare the slf4j-api dependency.
[12:58:35 CDT(-0500)] <fairwinds> k, that is what i will do
[14:04:11 CDT(-0500)] <fairwinds> serac, apetro: hi. can you tell me why DefaultTicketRegistry is dead simple and has only notion of a generic Ticket where MemcacheTicketRegistry has notion of ServiceTicket and TicketGrantingTicket.
[14:05:03 CDT(-0500)] <apetro> not offhand in real time, no, though I'll agree it's a very interesting question.
[14:07:36 CDT(-0500)] <fairwinds> apetro: are most folks using the Default with the simple cache it creates or backing with a different store
[14:08:55 CDT(-0500)] <serac> I'd say order of popularity, in order, is JPA followed by JBossCache and memcached neck-and-neck.
[14:08:56 CDT(-0500)] <apetro> yes, I do think most folks are using the simple default in-memory cache with a single node CAS server
[14:09:51 CDT(-0500)] <fairwinds> k, was just curious what folks use in reality
[14:13:29 CDT(-0500)] <fairwinds> apetro: JPA is transactional so that is a benefit for sure
[14:32:18 CDT(-0500)] <fairwinds> apetro, serac: Hmm. MemcacheTicketRegistry sets timeout for tickets but others such as Default, JPA don't
[14:32:53 CDT(-0500)] <serac> What do you mean "sets timeout"?
[14:35:34 CDT(-0500)] <fairwinds> serac: they are assigned timeout value for memcache when it will expire in cache ie. private final int tgtTimeout;
[14:35:54 CDT(-0500)] <fairwinds> private final int stTimeout;
[14:36:26 CDT(-0500)] <fairwinds> memcache needs expire times to set values
[14:36:54 CDT(-0500)] <serac> That timeout is for cleanup purposes.
[14:37:14 CDT(-0500)] <serac> JPA has a separate process that scans the registry and deletes tickets that are past their expirationdate.
[14:38:27 CDT(-0500)] <fairwinds> serac: k, so in general, how long to tickets persist? Until someone logs out and closes browser?
[14:39:02 CDT(-0500)] <fairwinds> s /to do
[14:39:02 CDT(-0500)] <serac> Until 1 of 2 things happens:
[14:39:15 CDT(-0500)] <serac> 1. user logs out (tgt and all bound sts destroyed)
[14:39:28 CDT(-0500)] <serac> 2. ticket expires (based on expirationdate of ticket)
[14:39:51 CDT(-0500)] <fairwinds> ah, k
[14:42:10 CDT(-0500)] <fairwinds> serac: based on ticketExpirationPolicies.xml
[14:42:25 CDT(-0500)] <fairwinds> the times set there
[14:42:37 CDT(-0500)] <serac> yes
[14:42:47 CDT(-0500)] <fairwinds> ie 2hrs or inactivity or whatever
[14:42:53 CDT(-0500)] <serac> yes
[14:42:58 CDT(-0500)] <fairwinds> k, I got it
[14:43:21 CDT(-0500)] <fairwinds> serac: this thing is very abstracted
[14:44:10 CDT(-0500)] <fairwinds> serac: but getting easier to understand as I explore more pieces
[18:05:56 CDT(-0500)] <fairwinds> apetro: this is strange syntax to me: public Collection<Ticket> getTickets() {
[18:07:19 CDT(-0500)] <fairwinds> apetro: am assuming method is executed using getTickets()
[18:53:38 CDT(-0500)] <apetro> yes
[18:53:44 CDT(-0500)] <apetro> the concept you want to go read about is called Generics
[18:54:18 CDT(-0500)] <fairwinds> apetro: cool. I was just looking at ouput of some logging data
[18:54:43 CDT(-0500)] <fairwinds> the TGT id is the same as its value
[18:54:49 CDT(-0500)] <apetro> yup. That method is called getTickets() and it returns a Collection containing objects of type Ticket
[18:56:56 CDT(-0500)] <fairwinds> I did not expect the key and value to be the same ie. TGT-1-vUVbezzMJfs7vyHr6biI6VZCIC5YCBdglNeIBOq5e2jXpl6sH2-cas is both the result of getId() and this.cache.get(ticket.getId()))
[18:59:02 CDT(-0500)] <fairwinds> apetro: thought they would be different values but was just surprised to find in this case key equals value